A new bug has infiltrated Instagram and spread like wildfire. It is a hack that has spread from user account to user account undetected so far.
Over this past weekend, I was using Instagram when I was direct messaged by a friend of mine with the message titled, “Lindsay, I made this for you.”
Underneath was a link to what it seemed was a login landing page for Instagram. Being in the cybersecurity field, I knew to look out for the web page address, and it was not Instagram. The web address was “pic-here.me”.
It was disguised as an Instagram login with the Instagram logo and even the web rights listed at the bottom of the page. It mimicked everything visually that an Instagram login page would look like. I did not login through the landing page and then shortly after, another mutual friend of mine direct messaged me with the exact same spam message, and before I knew it two other accounts sent me the same malicious message.
Beware, the link attached to the message is not safe.
Do not log in through that malicious platform. Hackers are phishing for Instagram login credentials to take over accounts and use them as bots to automate likes and comments on photos. Authentic and active accounts are targeted and taken over to be run by websites that sell likes, comments, views, and followers. These are called “follower farms”. Follower farms sell the hope of an Instagram boost to bump your numbers up on your platforms and use active profiles. We have yet to hear any news from Instagram on this issue.